Cyber Security Consulting

Corporate Information Security Consulting Services

Penetration Testing Services

Penetration tests are carried out on the basis of international standards for your IT, OT, IOT and similar assets by offering solutions tailored to corporate needs.

Information Security Trainings

With our senior information security trainings, we offer corporate and individual cyber security training services to ensure proactive security.

IT Penetration Test
 

Penetration testing is a process performed for IT (Information Technology) assets and used to detect Cyber Security threats beforehand. With the penetration test, IT assets are tested and vulnerabilities on these assets are determined. The gaps found and the methods of removing these gaps are also processed within this process. Penetration tests are performed within scenarios according to each asset type. With these scenarios, the scope of the test to be carried out, the way of progress, infiltration techniques, techniques to bypass security devices and products are determined. Penetration tests are carried out on the basis of both national and international methodological approaches.

Infrastructure Maturation

Infrastructure Maturation service is a package service that includes many services. This package includes 4 basic services such as Forensic Analysis, Incident Response, Penetration Testing and Contingency Plan. In the event of a forensic incident within the scope of the service, services such as incident response and numerical evidence analysis are used to answer many questions such as the dates of the incident, the details of the incident, which systems were affected, how the incident was carried out, and with which user accounts. After the incident is clarified, the corrective/remedial activities step is started. In regulatory activities, current photos of the network infrastructure of the institution are taken with penetration tests, and weak systems and incorrect configurations are reported. Then, an emergency action plan is prepared and it is determined how remedial activities should be and which priorities should be made for investments. Thus, it is aimed to mature the corporate network infrastructure and increase its resistance against cyber security risks.

Continuous Cyber Security Consulting
 

Within the scope of this service, it will provide security consultancy services within a certain and pre-planned program within a period of one year with your institution.

Within the scope of this consultancy service, which will take place once a week, topics such as the existence of structures that may pose a security risk in the IT infrastructure of the institution or what the possible security risks may be in new projects will be discussed.

Likewise, log records in the security infrastructure of the institution will be analyzed and detailed analysis of possible suspicious situations will be made.

Within the scope of this service, there is also the service of intervening in a possible cyber incident (information theft, blackmail, hacking, etc.) and obtaining the necessary numerical evidence to be used in solving the relevant incidents within the customer's body, analyzing these evidences and preparing the necessary reports.

Regular Vulnerability Scanning
 

Regular vulnerability scanning is a type of test used to detect ever-evolving Cyber Security threats against corporate assets. With periodic vulnerability scanning tests, IT assets are tested and vulnerabilities on these assets are detected. The gaps found and the methods of removing these gaps are submitted to the institution as a report at the end of the test. Periodic vulnerability tests, unlike penetration tests, focus on detecting vulnerabilities and do not include infiltration attempts. Periodic vulnerability tests are carried out every six months, twice a year, and new vulnerabilities or vulnerabilities resulting from configuration changes are identified and reported. Periodic tests are followed by the developed central monitoring tool. Thanks to this software, the institution's risk scorecard is created by comparing the findings determined as a result of the vulnerability tests of the institution, and this scorecard is presented to the institution as a report together with the final test. Within the scope of this service, the security of the IT infrastructure will be tested by performing vulnerability tests from the outside to the inside and from the inside to the inside. Thus, before an attack occurs, possible entry points will be identified and these weaknesses will be eliminated. This service includes the following service titles as a minimum.